2 * Copyright (c) 1999 - 2006 Kungliga Tekniska Högskolan
3 * (Royal Institute of Technology, Stockholm, Sweden).
6 * Portions Copyright (c) 2009 Apple Inc. All rights reserved.
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in the
17 * documentation and/or other materials provided with the distribution.
19 * 3. Neither the name of the Institute nor the names of its contributors
20 * may be used to endorse or promote products derived from this software
21 * without specific prior written permission.
23 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
24 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
25 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
26 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
27 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
28 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
29 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
30 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
31 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
32 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
39 #ifdef HAVE_SYS_MMAN_H
47 #include "check-common.h"
59 /* #undef HAVE_MMAP */
62 map_alloc(enum map_type type
, const void *buf
,
63 size_t size
, struct map_page
**map
)
67 size_t len
= size
+ sizeof(long) * 2;
70 *map
= ecalloc(1, sizeof(**map
));
76 (*map
)->data_start
= p
+ sizeof(long);
77 for (i
= sizeof(long); i
> 0; i
--)
78 p
[sizeof(long) - i
] = 0xff - i
;
79 for (i
= sizeof(long); i
> 0; i
--)
80 p
[len
- i
] = 0xff - i
;
84 size_t pagesize
= getpagesize();
86 *map
= ecalloc(1, sizeof(**map
));
95 fd
= open ("/dev/zero", O_RDONLY
);
97 err (1, "open /dev/zero");
101 (*map
)->size
= size
+ pagesize
- (size
% pagesize
) + pagesize
* 2;
103 p
= (unsigned char *)mmap(0, (*map
)->size
, PROT_READ
| PROT_WRITE
,
105 if (p
== (unsigned char *)MAP_FAILED
)
110 ret
= mprotect (p
, pagesize
, 0);
114 ret
= mprotect (p
+ (*map
)->size
- pagesize
, pagesize
, 0);
120 (*map
)->data_start
= p
+ (*map
)->size
- pagesize
- size
;
123 (*map
)->data_start
= p
+ pagesize
;
129 (*map
)->data_size
= size
;
131 memcpy((*map
)->data_start
, buf
, size
);
132 return (*map
)->data_start
;
136 map_free(struct map_page
*map
, const char *test_name
, const char *map_name
)
139 unsigned char *p
= map
->start
;
142 for (i
= sizeof(long); i
> 0; i
--)
143 if (p
[sizeof(long) - i
] != 0xff - i
)
144 errx(1, "%s: %s underrun %d\n", test_name
, map_name
, i
);
145 for (i
= sizeof(long); i
> 0; i
--)
146 if (p
[map
->size
- i
] != 0xff - i
)
147 errx(1, "%s: %s overrun %lu\n", test_name
, map_name
,
148 (unsigned long)map
->size
- i
);
153 ret
= munmap (map
->start
, map
->size
);
161 print_bytes (unsigned const char *buf
, size_t len
)
165 for (i
= 0; i
< len
; ++i
)
166 printf ("%02x ", buf
[i
]);
170 #define MAP_FAILED (-1)
173 static char *current_test
= "<uninit>";
174 static char *current_state
= "<uninit>";
177 segv_handler(int sig
)
180 char msg
[] = "SIGSEGV i current test: ";
182 fd
= open("/dev/stdout", O_WRONLY
, 0600);
184 write(fd
, msg
, sizeof(msg
));
185 write(fd
, current_test
, strlen(current_test
));
187 write(fd
, current_state
, strlen(current_state
));
195 generic_test (const struct test_case
*tests
,
198 int (*encode
)(unsigned char *, size_t, void *, size_t *),
199 int (*length
)(void *),
200 int (*decode
)(unsigned char *, size_t, void *, size_t *),
201 int (*free_data
)(void *),
202 int (*cmp
)(void *a
, void *b
),
203 int (*copy
)(const void *from
, void *to
))
205 unsigned char *buf
, *buf2
;
209 struct map_page
*data_map
, *buf_map
, *buf2_map
;
211 struct sigaction sa
, osa
;
213 for (i
= 0; i
< ntests
; ++i
) {
215 size_t sz
, consumed_sz
, length_sz
, buf_sz
;
218 current_test
= tests
[i
].name
;
220 current_state
= "init";
222 sigemptyset (&sa
.sa_mask
);
225 sa
.sa_flags
|= SA_RESETHAND
;
227 sa
.sa_handler
= segv_handler
;
228 sigaction (SIGSEGV
, &sa
, &osa
);
230 data
= map_alloc(OVERRUN
, NULL
, data_size
, &data_map
);
232 buf_sz
= tests
[i
].byte_len
;
233 buf
= map_alloc(UNDERRUN
, NULL
, buf_sz
, &buf_map
);
235 current_state
= "encode";
236 ret
= (*encode
) (buf
+ buf_sz
- 1, buf_sz
,
239 printf ("encoding of %s failed %d\n", tests
[i
].name
, ret
);
243 if (sz
!= tests
[i
].byte_len
) {
244 printf ("encoding of %s has wrong len (%lu != %lu)\n",
246 (unsigned long)sz
, (unsigned long)tests
[i
].byte_len
);
251 current_state
= "length";
252 length_sz
= (*length
) (tests
[i
].val
);
253 if (sz
!= length_sz
) {
254 printf ("length for %s is bad (%lu != %lu)\n",
255 tests
[i
].name
, (unsigned long)length_sz
, (unsigned long)sz
);
260 current_state
= "memcmp";
261 if (memcmp (buf
, tests
[i
].bytes
, tests
[i
].byte_len
) != 0) {
262 printf ("encoding of %s has bad bytes:\n"
263 "correct: ", tests
[i
].name
);
264 print_bytes ((unsigned char *)tests
[i
].bytes
, tests
[i
].byte_len
);
265 printf ("\nactual: ");
266 print_bytes (buf
, sz
);
269 rk_dumpdata("correct", tests
[i
].bytes
, tests
[i
].byte_len
);
270 rk_dumpdata("actual", buf
, sz
);
277 buf2
= map_alloc(OVERRUN
, buf
, sz
, &buf2_map
);
279 current_state
= "decode";
280 ret
= (*decode
) (buf2
, sz
, data
, &consumed_sz
);
282 printf ("decoding of %s failed %d\n", tests
[i
].name
, ret
);
286 if (sz
!= consumed_sz
) {
287 printf ("different length decoding %s (%ld != %ld)\n",
289 (unsigned long)sz
, (unsigned long)consumed_sz
);
293 current_state
= "cmp";
294 if ((*cmp
)(data
, tests
[i
].val
) != 0) {
295 printf ("%s: comparison failed\n", tests
[i
].name
);
300 current_state
= "copy";
302 to
= emalloc(data_size
);
303 ret
= (*copy
)(data
, to
);
305 printf ("copy of %s failed %d\n", tests
[i
].name
, ret
);
310 current_state
= "cmp-copy";
311 if ((*cmp
)(data
, to
) != 0) {
312 printf ("%s: copy comparison failed\n", tests
[i
].name
);
318 current_state
= "free";
327 current_state
= "free";
328 map_free(buf_map
, tests
[i
].name
, "encode");
329 map_free(buf2_map
, tests
[i
].name
, "decode");
330 map_free(data_map
, tests
[i
].name
, "data");
332 sigaction (SIGSEGV
, &osa
, NULL
);
334 current_state
= "done";
341 * a test size (byte_len) of -1 means that the test tries to trigger a
342 * integer overflow (and later a malloc of to little memory), just
343 * allocate some memory and hope that is enough for that test.
347 generic_decode_fail (const struct test_case
*tests
,
350 int (*decode
)(unsigned char *, size_t, void *, size_t *))
356 struct map_page
*data_map
, *buf_map
;
358 struct sigaction sa
, osa
;
360 for (i
= 0; i
< ntests
; ++i
) {
365 current_test
= tests
[i
].name
;
367 current_state
= "init";
369 sigemptyset (&sa
.sa_mask
);
372 sa
.sa_flags
|= SA_RESETHAND
;
374 sa
.sa_handler
= segv_handler
;
375 sigaction (SIGSEGV
, &sa
, &osa
);
377 data
= map_alloc(OVERRUN
, NULL
, data_size
, &data_map
);
379 if (tests
[i
].byte_len
< 0xffffff && tests
[i
].byte_len
>= 0) {
380 sz
= tests
[i
].byte_len
;
381 bytes
= tests
[i
].bytes
;
387 buf
= map_alloc(OVERRUN
, bytes
, sz
, &buf_map
);
389 if (tests
[i
].byte_len
== -1)
392 current_state
= "decode";
393 ret
= (*decode
) (buf
, tests
[i
].byte_len
, data
, &sz
);
395 printf ("sucessfully decoded %s\n", tests
[i
].name
);
400 current_state
= "free";
402 map_free(buf_map
, tests
[i
].name
, "encode");
403 map_free(data_map
, tests
[i
].name
, "data");
405 sigaction (SIGSEGV
, &osa
, NULL
);
407 current_state
= "done";